Website hosting provider GoDaddy is one of the largest in the world, so when something goes wrong there it tends to be pretty big. Since it makes no sense to lead with that unless something’s gone wrong… guess what? A security breach at the company has led to the leak of up to 1.2 million WordPress accounts.
The breach, referred to as a “security incident,” was revealed in an SEC filing the company made reporting the leak.
Security me harder, GoDaddy!
At risk are the email addresses of up to 1.2 million of GoDaddy’s active and inactive Managed WordPress users. The initial passwords created when setting up these accounts were also compromised, but the host says it reset those that were still in use.
Inactive customers don’t have much to worry about, aside from their emails being out in the wild. As long as they’re relatively resistant to phishing, anyway. Some active users also had their sFTP and database usernames and passwords, as well as their SSL private keys, stolen. GoDaddy says it has reset the passwords in question and is installing new certificates for those with SSL woes.
As to what actually happened, the web host claims to know exactly what went on. The company explains, “Using a compromised password, an unauthorized third party accessed the provisioning system in our legacy code base for Managed WordPress.”
The breach was first noticed on 17 November, and an investigation is ongoing. An IT forensics company, law enforcement, and presumably GoDaddy, are on the case. In the meantime, if you’ve purchased your WordPress hosting through the web host, it’s time to make sure your passwords and settings are secure.